Privacy Policy

SOPflow (“we,” “our,” “us”) provides software that helps churches and other organizations document and follow standard operating procedures inside their existing tools. This Privacy Policy explains what we collect, why, and what choices you have.

Information we collect

Account information.When an administrator creates an account we collect their organization name, the administrator’s full name, email address, and password (stored hashed by our authentication provider). When the administrator invites additional users, those users’ names and email addresses are collected the same way.

SOP-usage information. We record which SOPs each user opens and which steps they have marked as complete so that we can show progress and resume state. We do not record screen content, screenshots, or any data inside the third-party applications you use SOPflow alongside.

Billing information. Payment is processed by Stripe. We never see or store your card details. We retain the Stripe customer and subscription identifiers, the products you have purchased, and the transaction history those subscriptions generate.

Technical information. Our hosting provider records standard server logs (IP address, request URL, timestamp, browser user agent) for the purpose of operating and securing the service.

How we use your information

We use the information above to provide the service: authenticate you, show your organization the SOPs you have access to, track your progress through them, send service-related email (verification, password reset, billing receipts), process payment, and respond to support requests. We do not sell your information, we do not use it for advertising, and we do not share it with third parties except those listed below.

Service providers

SOPflow relies on a small number of vendors to operate. Each receives only the information needed to perform its function:

Supabase hosts our database and authentication. Stripe processes payment. Vercel hosts the application. If we have AI-assisted features enabled in your tenant, prompts and responses pass through Anthropic for language-model processing or ElevenLabs for text-to-speech, never including identifying data we don’t need to send.

Data retention

We retain account and usage data for as long as your subscription is active and for ninety days after cancellation, after which it is deleted from our active databases. Backups are retained for thirty days beyond that window for disaster-recovery purposes only.

Your choices

You can update your name, email, and password from your account settings at any time. To export the data on your account, or to delete your account entirely, email us at the address below. We respond within seven business days.

Children’s data

SOPflow is intended for staff use at the organizations that license it. We do not knowingly collect personal information from children under 13. If you believe we have, contact us and we will delete it promptly.

Changes to this policy

We may update this Privacy Policy as the service evolves. Material changes will be communicated by email to the administrator on each account at least thirty days before they take effect.

Contact

Questions about this policy or your data: info@churchsops.com.